Story Highlights

(EDITOR'S NOTE: Last fall, Iran came under suspicion of devastating the computer network of Saudi Arabia oil giant Aramco. Shortly thereafter, Iran was again deemed the culprit behind a slew of massive attacks that took down a string of American banks' web sites. Then hackers stole 3.6 million Social Security number from the South Carolina Department of Revenue. In this guest commentary, Bob Ackerman, founder and managing director of Allegis Capital, outlines how those cyberintrusions, and a string of others, affirm the instincts of venture capitalists who are betting big onnew technologies to help stop the bad guys.)

Major cyber attacks can come in waves, and, in any case, are relentless. Perpetrators are everywhere and increasingly sophisticated, and they could be government spy organizations, organized criminals, or affiliated or independent hackers of many different stripes.

What is the solution? No perfect one exists – the bad guys are almost as well financed and are as smart as the good guys, and they don't have to be right all the time. The U.S. free enterprise system, spearheaded by innovative startups supported by the venture capital community as well as big, sophisticated technology corporations, is doing the right thing and helping the good guys, including the government, fight the cyber attack threat.

Last year, for example, venture capital investments in firewall and software encryption startups rose 10 percent, to just under $600 million. And the 2012 figure marked a hefty 60 percent jump over dollars committed in 2010, according to data compiled by the PriceWaterhouseCoopers and the National Venture Capital Association.

Small wonder, then, that IT security is becoming the fourth leg of the computing stool, supplementing computation, storage and communications. This is leading to a new wave of cyber-focused innovation, one in which security is an integral part of the computing platform from the get-go.

Aging architecture

But this shouldn't suggest there aren't obstacles. As it stands now, our information stack is built on a 40-year-old architecture that never predicted the speed of today's computing, the amount of data accessed or the interconnectivity of networks. Until we reinvent our technology foundation, which will take time, today's networks will be more vulnerable than they should be to inherent vulnerabilities.

That is why attacks continue to mushroom. U.S. companies are hesitant to report breaches, but the U.S. Cyber Command says there are 250,000 probes or attacks on U.S. government networks an hour, or 6 million a day, and that among the attackers are some 140 foreign spy organizations. The federal Government Accountability Office says the number of actual breaches grew from 5,503 in 2006 to 41,776 in 2010, or 650 percent, the latest figure available.

So far, no one has managed to seriously damage or disrupt critical U.S. infrastructure networks. But it doesn't take much to imagine the possibility of a hugely successful cyber attack, one that former Defense Secretary Leon Panetta has said could amount to a "cyber-Pearl Harbor." Scuttling vital banking systems could trigger a financial crisis. Disrupting our clean water supply could spark a public health emergency. Or there could be power blackouts that bring business, cities and entire regions to a standstill.

Joint forces

Hopefully, the federal government will actually join forces with the private sector in playing a more meaningful role in our cyber security future. The nature of the cyber threat is such that a clear government/free market divide fails to fully serve the needs of the country. Close collaboration and cooperation between government experts and the operators of critical command infrastructure in the free-market economy is needed.

This, of course, will require trust between groups that are not normally comfortable with one another. President Obama's call for greater information sharing between government and industry in his State of the Union address should be a step in the right direction. There is also a need for legislation that will allow for collaboration while addressing legitimate privacy concerns. Additionally, there is an opportunity to develop standards for data security and identify management to insure that confidential and sensitive data isn't vulnerable to external threats.

Aggressive cyber security investments by venture capital-backed startups and sizable corporations are obviously a huge step in the right direction, but it is equally clear that more must be done. The theft of our intellectual property will seem like small potatoes when the derivatives of stolen IP are focused on competing with U.S. industry in the global economy. The threats are real and the consequences ominous. They must be addressed as fully as possible.

Robert R. Ackerman Jr. is the founder and managing director of Allegis Capital and a formal serial entrepreneur. Ackerman and the Allegis team have by active investors in Cyber Security technologies for the past ten years. Current and past portfolio companies include IronPort Systems (CSCO), Solera Networks, Symplified, Bracket Computing and Shape Security.